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Description 

Background of the Invention 

1. Field of the Invention 

The present invention relates to the field of data 
processing, and in particular, to a nnethod and apparatus 
for controlling the dissemination of digital infoimation. 
Furthermore, the present invention provides transpar- 
ent access to uncontrolled digital infomiation together 
with controlled digital information with the same access 
apparatus. 

2. Description of the Related Art 

The distribution of original works - whether be it text, 
graphics, animation, video or audio - in magnetic, elec- 
tronic, optical or any other medium is becoming popular 
Advances in digital compression technology and im- 
provement in the price/performance ratio of computers 
have made it economical and feasible to disseminate 
digital information in such "soft" forms. However, original 
works encoded in digital medium can be easily duplicat- 
ed, encrypted, transmitted via communication networks 
and destroyed. For the remainder of the description of 
the present invention, original works encoded in digital 
medium shall be referred to as digital information. The 
push factors, i.e., easy access and manipulation, that 
make digital information a rival to the traditional hard 
copy forms, i.e., books, newspapers or microfiches, 
have also made it difficult to establish evidence of illegal 
usage of such information. 

With respect to the distribution of hard copies of 
original works, copyright and publishing laws strike a 
balance between the twin goals of compensating the 
publisher/author and of maintaining reasonable cost to 
the end users. It is straightfonvard to establish evidence 
of making illegal copies of hard copy of original works. 
The main thrust of copyright and publishing laws is to 
establish evidence of illegal possession. 

In contrast, evidence of illegal possession of digital 
information is difficult at best and at worst impossible to 
obtain. The present invention proposes to control the us- 
age of distributed digital information as an alternative. 
By usage, the present invention refers to the number 
and timing of the accesses specified by the information 
provider. 

Prior art controls the dissemination of software pro- 
grams only with copy protection schemes. Copy protec- 
tion relies on hardware or software artifacts to detect 
and prevent illegal copying of software programs. En- 
cryption is sometimes used to provide copy protection. 
Some recent examples of copy protection schemes are 
U.S. patent No. 4,866,769 to Karp and U.S. patent No. 
4,903,296 to Chandra et al. 

U.S. Patent No. 4,903,296 claims copy protection 
of software on magnetic medium with a special key hav- 



ing two marks made on the surface of the medium. 
These marks are in the form of absence of material and 
domains that cannot be formed by conventional mag- 
netic disk write heads. Additionally, an encrypted key 
5 which is critical for running the application is built into a 
special purpose hardware subsystem. Finally the hard- 
ware subsystem is required to decrypt the key. 

U.S. Patent No. 4,866,769 teaches a method of 
copy protection of personal computer software distrib- 
uted in diskettes through the use of a unique identifica- 
tion stored in read only memory of a personal computer. 
A source ID is provided with every software distributed. 
The personal computer ID is used with the source ID on 
the distribution diskette to produce an encoded check 
word, using any available encryption method. This 
check word is then used to verify that the software is 
being used on the designated personal computer 

While U.S. Patent Nos. 4,903,296 and 4,866,769 
disclose off-line schemes for controlled dissemination 
of software, U.S. Patent No. 4,999,806 describes a cen- 
tral station distributing software over telephone lines - 
an on-line scheme for software dissemination. The cen- 
tral station transmits an acceptance code to a caller and 
then terminates the call. After verifying the caller's credit 
information, the central station calls the purchaser back 
and continues with the transaction only after receiving 
the acceptance code. The central station then transmits 
a Control Transfer Program and Initialization Program 
to the purchaser. The purchaser executes the Initializa- 
tion Program to turn over control of the purchaser's com- 
puter to the central station. The Control Transfer Pro- 
gram makes sure that no memory resident copying pro- 
grams are running before transmitting over the tele- 
phone line the purchased/leased program to the pur- 
chaser's computer. Thereafter the various transmitted 
programs are erased, leaving only a copy of protected 
version of the purchased program on the purchaser's 
disk. 

To prevent unauthorized copying and use of infor- 
mation, prior art copy protection schemes require either 
introducing artificial indicaas software keys or requiring 
special hardware subsystems. Not only are these solu- 
tions costly to both the information providers and the end 
users as they require additional processing steps, but 
they are also incompatible with the trend of encouraging 
concurrent use of different types of information in a net- 
work environment. Furthermore, the prior art copy pro- 
tection schemes provide limited control over the dissem- 
ination of digital information in that they prevent unau- 
thorized copying of software but not "uses' of such in- 
formation. 

Absent from the prior art is the dissemination of un- 
controlled information. By uncontrolled information, the 
present invention refers to a portion of the information 
which the information provider has decided to let the end 
user view without registering it as a 'use" of the control- 
led information. Typically, the uncontrolled information 
is either at a lower resolution compared with the control- 
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led information or it comprises a selected portion o1 the 
controlled information which allows the end user to 
make an informed decision whether to subscribe or use 
the controlled information. Examples of uncontrolled in- 
formation are the preview of a movie, or a demonstration 
version of the controlled software, or even an abstract 
of a patent document. Hitherto, prior art information dis- 
semination system does not permit the transparent ac- 
cess of uncontrolled digital information with the same 
access device as that for accessing the control led digital 
information. 

In the articles 'The concept of a Software Service 
System (SSS)' and 'Implementation of a Small-Scale 
Prototype for Software Sen/ice System (SSS)' by Mori 
and Tashiro, Systems and Computers in Japan, \fol. 19, 
No.5 1988, pages 38-60, a software licensing system is 
described in which software access rights are encrypted 
in a header which is distributed with the software. In this 
SSS system, any modification of access rights (decre- 
menting a number-of -accesses counter, for example) is 
performed using a special tamper-proof "SSS-Box". 

Summary of the Invention 

The present invention relates to a method for con- 
trolling the dissemination of digital information as set out 
in claim 1 , and claim 4. 

Brief Description of the Drawings 

FIG. 1 is a model of information dissemination. 

Fl G . 2 illustrates a logical structure of a Sealed Con- 
trolled Information (COIN) according to a first embodi- 
ment of the present invention. 

FIG. 3 shows the architecture of a device used by 
an information consumer for accessing the controlled in- 
formation according to the first embodiment of the 
present invention. 

FIG. 4 illustrates the logical flow of how the Sealed 
COIN is prepared by an information provider. 

FIGS. 5A & 5B show the logical flow of the controller 
in the access device according to the first embodiment 
of the present invention. 

FIG. G illustrates the architecture of an access de- 
vice for a system for controlled dissemination of digital 
information according to the second embodiment of the 
present invention. 

FIG. 7A illustrates a possible format of the logical 
structure of Sealed COIN used in a second embodiment 
of the present invention. 

FIG. 7B illustrates a possible format of the logical 
structure of the Sealed Opener which cooperates with 
the Sealed COIN used in the second embodiment of the 
present invention. 

FIG. 8 illustrates the flow diagram of the information 
provider used in the second embodiment of the present 
invention where a Sealed COIN is generated. 

FIG. 9 shows the flow diagram of the information 



provider used in the second embodiment of the present 
invention where an opener for accessing the sealed 
COIN in FIG. 8 is generated. 

FIG. 1 0 illustrates the logical flow of the overall proc- 
5 ess of on-line controlled dissemination of information 
according to the second embodiment of the present 
invention . 

FIGS. 11 A and B illustrate the flow diagram of the 
controller in the access device according to the second 
10 embodiment of the present invention. 

Detailed Description of the Invention 

A method and apparatus for controlling the dissem- 
15 ination of digital information is described. In the follow- 
ing description, numerous specific details are set forth 
such as logical structures of digital information and pro- 
gram steps, etc. in order to provide a thorough under- 
standing of the present invention. It will be obvious to 
20 one skilled in the art that the present invention may be 
practiced without these specific details. In other instanc- 
es, well-known steps such as those involved with en- 
cryption and decryption of data are not shown in order 
not to obscure the present invention. 

25 

Notation and Nomenclature 

The detailed description with respect to the control- 
led dissemination of digital information is presented par- 

30 tially in terms of algorithm and symbolic representation 
upon operation on data bits within a computer memory. 
These algorithmic descriptions and representations are 
the means used by those skilled in the data processing 
art to convey most effectively the substance of their work 

35 to others skilled in the art. 

An algorithm is here, and generally, conceived to be 
a self-con si stent sequence of steps leading to a desired 
result. These steps require physical manipulation of 
physical quantities. Usually, though not necessarily, 

"^0 these quantities take the form of electrical, optical or 
magnetic signals capable of being stored, transferred, 
combined, and othenwise manipulated. It proves con- 
venient at times, principally for reason of common us- 
age, to refer to these signals as bits, values, elements, 

^5 symbols, characters, numbers or the like. It should be 
borne in mind, however, that all of these and similar 
terms are to be associated with the appropriate physical 
quantities and are merely convenient labels applied to 
these quantities. 

50 Further, the manipulations performed are often re- 
ferred to in terms such as adding or comparing, which 
are commonly associated with the mental operations 
performed by a human operator. No such capability of 
a human operator is necessary, or desirable. In most 

55 cases, in any of the operations described herein which 
form part of the present invention, the operations are 
machine operations. Useful machines for performing 
the operations of the present invention include general 
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purpose digital computers or similar devices. In all cas- 
es, it should be borne in mind that there is a distinction 
between the method operation in operating a computer 
or otiier apparatus and the method of computation itself. 
The present invention relates to method steps for pro- 
viding better control over the dissemination of digital in- 
formation. 

The present invention also relates to an apparatus 
for performing these operations. This apparatus may be 
specially constructed for the required purpose or it may 
comprise a general pu rpose computer as selectively ac- 
tivated or reconfigured by a computer program stored 
in the computer. The algorithms presented herein are 
not inherently related to any particular computer or other 
apparatus. In particular, various general purpose ma- 
chines may be used with programs written in accord- 
ance with the teachings herein, or it may prove more 
convenient to construct specialized apparatus such a 
dedicated processor to perform the required method 
steps. The required structure for a variety of these ma- 
chines would appear from the description given below. 

GENERAL SYSTEM CONFIGUFWION 

A general model of information dissemination is 
shown in FIG. 1. Here, the Information Provider 10 re- 
fers to a supplier of all types of information including but 
not restricted in form to toct, graphics, animation, video, 
audio, software, or any combination thereof. The trans- 
mission channel 20 represents the means and more 
specifically the media through which information is de- 
livered to the Information Consumer 30 over paths 15 
and 25. The transmission channel 20 includes but is not 
limited to any communication means or media such as 
computer networks, satellite links, diskettes, optical 
disks or other storage medium. It should also be under- 
stood by one skilled in the art that Information Consumer 
30 is used interchangeably with one or more end users 
of information. The present invention chooses the word 
■information consumer" to highlight the use-once nature 
of the controlled information. In other words, once con- 
trolled information is consumed, the original information 
no longer exists in a usable form and the re-access to 
the same information is not automatic. The use-once na- 
ture can be generalized to use-n-time, i.e., once the con- 
trolled information has been used for n times, it no longer 
exists in a usable form. 

This invention teaches methods and apparatus for 
an information provider to prepare information packag- 
ing for dissemination. These methods are going to be 
described in specific steps of manipulating information. 
For one skilled in the art, it is obvious that some of these 
steps shall be best automated by, for example, imple- 
menting them as a special purpose software, which is 
normally called a server, running on general purpose 
computers. It is also clear that an information provider 
could simultaneously instantiate multiple executions of 
the server to serve multiple information consumers. For 



clarity of presentation, the description below shall elab- 
orate on the model having one provider and one con- 
sumer in our description. It is also clear that an informa- 
tion consumer may also be another information provid- 
5 er. 

FIRST EMBODIMENT OF THE PRESENT INVENTION 

1 . Preparation of distribution package 

FIG. 2 illustrates a logical structure of a Sealed Con- 
trolled Information (COIN) according to a first embodi- 
ment of the present invention. The Sealed COIN is pre- 
pared by an information provider once the information 
consumer agrees to the terms of an information distri- 
bution contract. The first embodiment of the present in- 
vention describes an off-line scheme where the trans- 
mission channel 20 comprises any kind of non-volatile 
storage medium such as a floppy disk, a hard disk, an 
optical disk and other non- volatile semiconductor stor- 
age devices. An information distribution contract con- 
tains at a minimum the identity of controlled information, 
the number of accesses, and the type of transmission 
medium 20. 

Referring again to FIG. 2, the logical structure of the 
Sealed Controlled Information (COIN) comprises a 
header 35 and a body 40. COIN refers to the original 
information encoded in some "soft" form (e.g., electron- 
ic, magnetic or optical) that the Information Provider 10 
shall provide to the Information Consumer 30 for his ac- 
cess for a predetermined number of times. COIN is en- 
coded or sealed by using some scheme such that ac- 
cessing the COIN without a valid decryption key is com- 
putationally intractable. The header 35 further compris- 
es a plurality of fields: a medium signature 36, an access 
window 37 (AW), total number of legal accesses allowed 
38 (TAL), the number of legal accesses left 39 (LAL), 
and TAL number of encryption/decryption keys 41 (K^ 
to Kj^l). The medium signature 36 refers to any scheme 
which allows a distribution medium, such as a floppy 
disk, to have a unique identification. Preferably, this sig- 
nature depends upon the characteristics or nonuniform- 
ities of the distribution medium. Foran example of a suit- 
able medium signature, please refer to the pending U. 
S. application serial No. 08/120,969, filed 13 September 
1993, by the same assignee as the present invention. 
The AW 37 refers to a specified time period within which 
a legal access is granted to the information consumer 
for accessing the COIN. A start and end time is given 
as the boundary of the access window in which the In- 
formation Consumer 30 can access the disseminated 
information legally. TAL 38 is the total number of legal 
accesses to the COIN granted by the Information Pro- 
vider 10 to the Information Consumer 30 under an infor- 
mation dissemination contract. LAL 39 is the number of 
legal accesses left; it is the difference between TAL and 
the number of accesses already granted. When LAL is 
equal to zero, access to COIN shall be denied. to 
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Kjy^L 41 are keys used for decrypting the COIN in the 
body 40. Preferably the encryption and decryption 
scheme of K-, to Kj^l 41 is based on Public Key Cryp- 
tography (PKC) which allows the information provider to 
transmit secret messages to the access device without 
priortransmission of a secret key. Under PKC, each par- 
ty has a pair of keys - one secret (known only to itself) 
and one public (known to everyone like a telephone 
number In a telephone directory). In other words, the in- 
formation provider has a secret key (SSK) and a public 
key (SPK) while the access device has a secret key 
(DSK) and a public key (DPK). When the information 
provider sends a secret message to the information con- 
sumer, the information provider uses the access de- 
vice's public key (DPK) to encrypt the message. Only 
the access device can decrypt the encrypted message 
by using its own secret key (DSK). For further reference 
on PKC, see R.L. Rivest, A. Shamir and L Adieman: "A 
Method for Obtaining Digital Signature in Public-Key 
Cfyptosystems" Communications of the ACM, \fol. 21, 
No. 2, February 1978, pp. 120 - 126. Also see D.E.R. 
Denning, Cryptography and Data Security Add is ion - 
Wesley Reading, MA, 1 983. 

Once the Information Consumer 30 agrees with the 
Information Provider 10 on the terms of the distribution 
contract, Information Provider 10 executes a procedure 
as outlined in FIG. 4 beginning with step 60 to produce 
a distribution medium incorporating the sealed COIN. In 
step 62 TAL number of keys, K^ to Kj^l - ^""^ generated 
for encrypting COIN in the body 40. Although PKC is 
referred in the embodiment of the present invention, any 
method of encryption is applicable. Next, a medium sig- 
nature 36 is created from the particular distribution me- 
dium on which COIN is to be distributed. Pending U.S. 
application serial No. 08/120,969, filed 13 September, 
1 993, and assigned to the same assignee as the present 
invention exemplifies one of many ways of generating 
a medium signature. In step 66, COIN is encrypted with 
Ki . It follows that the body 40 of the sealed COI N is gen- 
erated. In step 68, the header 35 is prepared next. Ini- 
tially the value LAL 39 is set to be identical with that of 
TAL 38. By concatenating AW 37, TAL 38, LAL 39, Ki 
to Kjal 4"'' medium signature 36 as illustrated in 
FIG. 2, the header 35 is then encrypted in step 68 using 
the public key DPK of the information consumer's ac- 
cess device. The encrypted header 35 and the encrypt- 
ed body 40 constitutes the sealed COIN and is written 
onto the distributed medium in step 70. 

2. Access of information 

It is assumed that the Information Consumer 30 has 
some device, for example a computer, to access the in- 
formation in the distributed medium. The minimum en- 
hancements to such a device for accessing COIN are 
shown in FIG. 3. A Controller 45 is coupled at its input 
to an information input channel 27 for receiving dissem- 
inated information from the read device (not shown) of 



distributed medium. The Controller 45 is also coupled 
at one of its outputs to an information output channel 29 
for transmitting re-encrypted information to the write de- 
vice (not shown) of the distributed medium. The function 
5 of Controller 45 shall be described below in the descrip- 
tion of FIG. 5. It should be understood by one skilled in 
the art that the Controller 45 can be implemented fully 
in hardware or by a general purpose processor with the 
appropriate software. The controller 45 is also coupled 
at the other output to an output unit 50 over a link 47 for 
displaying the disseminated information. The output unit 
50 could be a display unit for text/graphics/animation/ 
video or a transducer for audio information. The output 
unit 50 could itself be a device for distributing controlled 
information to other information consumers. The con- 
troller 45 is also coupled to a clock 55 over link 49 for 
counter-checking whether the real time is within the 
boundary of the access window AW 37. Preferably, the 
clock 55 and the access device are tamper-proof such 
that the information consumer may not tap into the link 
47 nor alter the value of the clock 55. It should be un- 
derstood by one skilled in the art that the controller has 
means to interact with the user, the details of which are 
omitted in order not to obscure the description of the first 
embodiment of the present invention. 

FIGS. 5A & 5B summarizes the logical flow of the 
Controller 45 of the access device in accordance to the 
first preferred embodiment of the present invention. 
When the Information Consumer 30 wishes to access 
the sealed COIN, he or she loads in step 80 the medium 
read/write device with the distribution medium (not 
shown) containing the sealed COIN. The Controller 45 
of the access device is presented with the information 
read from the medium read/write device via the input 
channel 27. The Controller 45 checks in step 82 whether 
the information at the input channel 27 is encrypted. If 
the information is unencrypted, i.e., uncontrolled infor- 
mation, the Controller 45 allows the information at the 
input channel 27 to pass directly in step S4 to the output 
unit 50 over the link 47. However, if the information at 
the input channel 27 is encrypted or controlled, the Con- 
troller 45 decrypts the header 35 of the sealed COIN by 
using in step 88 the secret key DSK of the access de- 
vice. As mentioned above, the secret key DSK is un- 
known to the Information Consumer 30. Next in step 90, 
the Controller 45 checks whether there are any legal ac- 
cess left by testing the value of LAL 38 for zero. If there 
are no legal accesses left, the value of LAL 38 = 0 and 
an evade processing module is invoked in step 92 which 
either denies the information access or erases the con- 
tents of the medium. The specific action depends on a 
particular embodiment of the invention. Should the val- 
ue of LAL be greater than zero, then the Controller 45 
compares in step 94 the value of the access window AW 
37 with the time of the clock 55. If the current time falls 
outside of the boundary of the AW 37, the evade 
processing module in step 92 is invoked. Othenvise, the 
Controller 45 checks in step 96 whether the medium sig- 



15 



20 



25 



30 



35 



40 



45 



SO 



5 



9 



EP 0 672 991 B1 



10 



nature 36 corresponds with the signature read from the 
input channel 27 and that of the output channel 29. If 
the medium signature 36 does not match , the sealed 
COI N is stored on a copied medium. An evade process- 
ing module as in step 92 is invoked. Otherwise, the Con- 
troller 45 confirms that the Information Consumer 30 has 
a right to access the sealed COI N on the distribution me- 
dium. 

It should be obvious to those skilled in the art that 
the controller of the access device of the present inven- 
tion permits the information consumer to access trans- 
parently uncontrolled and controlled information in an 
off-line manner by using the same access device. While 
the present invention obviates the task of switching back 
and forth between at least two access devices, it also 
allows the information provider to distribute uncontrolled 
and controlled information in one package. With greater 
information at the disposal of the information consumer, 
usage of controlled information under the terms of the 
information provider is encouraged. 

After the Controller 45 determines that the Informa- 
tion Consumer 30 has a right to access the sealed COI N 
on the distribution medium in FIG. 5A, the controller ex- 
tracts in step 95 the encryption/decryption key Kj^l 
- LAL + 1 ^^^^ the header 35. The Controller 45 disables 
dumping of decrypted information via the output channel 
29. The Controller 45 then decrypts the sealed COIN by 
using the key Kj;y_. l^l^ ^ in step 98. The decrypted in- 
formation, COIN, is provided in step 100 in FIG. 5 B as 
output to the output unit 50 over the link 47. It follows 
that the Information Consumer 30 accesses the COIN 
transparently while the Controller 45 checks, validates, 
encrypts and decrypts the appropriate controlled infor- 
mation automatically. In step 102 the Controller 45 dec- 
rements the value of the LAL by one. The header 35 
thus become modified header 35'. Should the value of 
LAL equals zero as tested in step 1 04, then a "disable 
information access" module is invoked in step 106 which 
for example, erases the sealed COIN from the distribu- 
tion medium. If the value of LAL is > 0, then the Control- 
ler 45 extracts the encryption/decryption key 
Ktal-lal + 2 encrypts the COIN in step 108. The 
Controller 45 then encrypts the modified header 35' by 
using the public key DPK of the access device. Finally 
the Controller 45 writes the new sealed COI N generated 
by this encrypted COIN 40 and the encryption of the 
modified header 35' onto the distribution medium via 
output channel 29 in step 110. Thus, the procedure de- 
scribed in FIGS 5A and 5B implements a "use-n-times" 
controlled information scheme that give the information 
provider enhanced control over the dissemination of dig- 
ital information. 



SECOND EMBODIMENT OF THE PRESENT 
INVENTION 

1 . Overall system set-up and operations 

The second embodiment of the present invention 
describes an on-line scheme for controlled dissemina- 
tion of digital information. Referring once again to FIG. 

I, the transmission channel 20 comprises a variety of 
communication links between the Information Provider 
10 and the Information Consumer 30. For instance, the 
transmission channel 20 could include a computer net- 
work or even telephone lines. 

The architecture of an access device modeling the 
Information Consumer 30 for an on-line scheme is illus- 
trated in FIG. 6. Controlled information from the trans- 
mission channel 20 is presented tothe Information Con- 
sumer 30 over an input channel 27 which is coupled to 
a Controller 48. The functions of the Controller 48 shall 
be elaborated in connection with the description of FIG. 

I I . The Controller 48 can be implemented either in hard- 
ware or by a general purpose processor with proper soft- 
ware. Referring again to FIG. 6, the Controller 48 is cou- 
pled to an output unit 50 over a clear channel 47. Just 
as in the first embodiment of the present invention, the 
output unit 50 comprises a device for outputting control- 
led information or a mechanism for distributing control- 
led information to others. The Controller 48 is also cou- 
pled to a memory storage 52 and a clock 55 for reasons 
which shall be explained below. The Controller 48 is 
coupled to an output channel 29 for outputting re-en- 
crypted controlled information. Preferably, the various 
channels coupled to the Controllers 48 are tamper- 
proof. This will make it impossible for users to tap into 
the clear channel 47, to access the Controller 48, to alter 
the value of the memory storage 52, or to change the 
value of the clock 55. It should be understood by one 
skilled in the art that the controller has means to interact 
with the user, the details of which are omitted in order 
not to obscure the description of the second embodi- 
ment of the present invention. 

The objective of the on-line scheme of controlled 
dissemination of digital information is to achieve im- 
proved control of the delivery of information so that once 
the information is accessed by the information consum- 
er for a specified number of times, the information no 
longer exists in a usable form without authorization from 
the information provider. The enhanced control of infor- 
mation dissemination is achieved by using encryption 
and by limiting an information consumer's access at a 
designated legal access device during an access win- 
dow. 

In order to achieve the above mentioned controls, 
the encrypted COIN is packaged with some control data, 
which is called the "header" while the encrypted COIN 
is called the "body". The header and body together are 
called the Sealed-COIN. A user presents the Sealed- 
COIN together with a ticket tothe access device in order 
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1o access the COIN. This ticket is called "Seal Opener" 
or just "Opener" for short. The Openers are issued by 
the Information Provider at user's request. FIGS 7A and 
7B illustrate possible logical structures of Sealed-COIN 
and Seal Opener for realizing the second embodinnent 
of the present invention. Below are definitions of specific 
terms and acronyms needed in the rest of the descrip- 
tion: 

COIN Original information encoded in some digital 
form; identified by unique identification, I ID. 

TAL Total number of legal access to the COIN al- 
lowed by the information provider to informa- 
tion consumer. 

LAL Number of legal access left. 

LAD The device on which the COIN can be ac- 
cessed legally. 

PID Unique identification number of information 
provider. 

UID Unique identification number of information 
consumer. 

CID Unique identification of a contract of informa- 
tion dissemination. Logically a contract asso- 
ciates PID, I ID, TAL, LAD and UID. 

AW Access window is the time du ring wh ich a legal 
access is granted to COIN. 

An agreement or contract of information dissemina- 
tion (CI D) between an information provider and an in- 
formation consumer provides at a minimum that the in- 
formation provider shall provide some COIN to the in- 
formation consumer for TAL number of legal accesses 
on certain LAD. As such, CID associates with PID, I ID, 
TAL, LAD and UID respectively. In the simplest form, a 
CID is formed by concatenating PID, I ID, TAL, LAD and 
UID as illustrated logically in FIG. 7A. It should be un- 
derstood by one skilled in the art that although the fields 
121 to 129 in FIG. 7A are drawn in some order, the struc- 
ture of CID 120 in any implementation is not bound by 
this order and arrangement. Similarly, the generality of 
the preceding comments applies to FIG. 7B. CID 120 
expires when all of TAL 125 number of accesses have 
been made. 

Referring again to FIG. 7A, a Sealed-COIN com- 
prises a header 119 and a body 130. As mentioned 
above briefly, body 30 is the original COIN which has 
been encoded by using some encryption scheme so that 
obtaining the COIN without a valid decryption key is 
computationally intractable. The decrypted header 119 
further comprises three fields: CID 120, LAL 122 and 
keys 124. Keys 124 consist of TAL number of keys K^, 



K2, ... , Kj^|_. They are used to decrypt the body and fur- 
ther encrypt the COIN to form new Sealed-COIN. 

FIG. 7B shows the logical structure of a Seal Open- 
er. It too has a header 1 40 and a body 1 45. The header 

5 140 has two fields: CID 131 and AW 142. CID 1 31 of the 
Opener is identical to the CID 120 of the Sealed-COIN. 
The AW 142 holds a number of access windows during 
which the information consumer may access the COIN. 
The body 1 45 contains a decryption key Kh for the head- 

10 er 119 of the Sealed-COIN in FIG. 7A. The key Kh is 
maintained for the life of contract CID. For the second 
embodiment of the present invention, a Publ ic Key Cryp- 
tography scheme as well as a conventional secret key 
scheme are used to illustrate the on-line scheme of in- 
formation dissemination. With respect to a Public Key 
scheme, the present invention denotes the secret and 
public keys of Information Provider 1 0 by PSK and PPK, 
respectively, and the secret and public keys of the ac- 
cess device by DSK and DPK, respectively. 

^0 FIG. 10 illustrates the logical flow of the overall proc- 
ess of on-line controlled dissemination of information of 
the present invention. The on-line scheme of the present 
invention commences with the establishment of a con- 
tract between an Information Provider 10 and an Infor- 

2^ mation Consumer 30 in step 1 68 of Fl G . 10. At th is junc- 
ture, a CID and its associated fields PID 121, I ID 123, 
TAL 125, LAD 127 and UID 129 are stipulated in the 
contract. Based on this information, the Information Pro- 
vider 10 generates a Sealed-COIN as illustrated in FIG 

30 8, and transmits it over the transmission channel 20 to 
the information consumer in step 170 of FIG. 10. The 
information consumer then makes an request to the In- 
formation P rovider 1 0 over the same channel in step 1 72 
of FIG. 10. After verifying the information consumer's 

3S request in step 174 of FIG. 10, the Information Provider 
10 generates an Opener as outlined in steps 160-166 
of FIG. 9 and transmits the Opener to the information 
consumer in step 174 of FIG. 10. The information con- 
sumer presents the Sealed-COIN received earlier and 
the Opener to Controller 48 for accessing the COIN in 
step 176. 

In determining whetherto grantthe information con- 
sumer's request for access in step 178, the Controller 
43 applies the logical sequence of steps as outlined in 

4S FIGS. 11 A and 11 B details of which shall be elaborated 
below. Should an access be granted, the Controller 4B 
checks if the CID contract has expired in step 182 of 
FIG. 10, i.e., whether all the TAL number of accesses 
have been made by the information consumer. If not, 

so the COIN is re-sealed as described below and the out- 
come is made available to the information consumer 
through the Information Output Channel 29. The infor- 
mation consumer saves the re-sealed COIN for future 
access in step 184. For subsequent accesses, the in- 

55 formation consumer starts from step 1 72 by making an- 
other access request to the Information Provider 10. 
This continues until the expiration of the contract as in 
step 180. 
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2. Preparation ol Sealed-COIN and Seal Opener 

FIG. 8 describes how an iniomnation provider gen- 
erates a Sealed-COIN. The inlormation provider is 
ready to generate a Sealed-COIN in step 150 if it has 
the CID and the values of the associated quantities, 
namely, PID, I ID, TAU LAD and UID. The inlormation 
provider first generates TAL number of keys, K^, Kg, 
KjAL in step 152. Next, in step 154, the information pro- 
vider forms the header fields 119 of the Sealed-COIN 
by combining the CID for field 120, the value of TAL for 
field 122 and the keys for field 124. Then the body 130 
of the Sealed-COIN is formed by encrypting the COIN 
identified by IID with key K^. The header fields 119 in 
turn are encrypted in step 156 to form the header with 
a new key Kh which the infoimation provider maintains 
in association with the contract CID during the life time 
of the contract. As mentioned earlier, the key Kh forms 
part of the body of the Opener. Finally, the inlormation 
provider forms the Sealed-COIN by concatenating the 
header and the body in step 158. 

FIG. 9 illustrates in detail the steps in which the in- 
formation provider generates an Opener. The process 
starts with an information consumer making an access 
request with a valid CID and a number of valid access 
windows AW in step 160. With the CID, the information 
provider finds the corresponding key K^ , which it used 
in step 156 to encrypt the header fields 119 of the 
Sealed-COIN, and encrypts K^ using the information 
provider's secret key PSK in step 162. The information 
provider then forms the Opener by using the CI D for field 
1 31 p AWs for field 142 and the above encrypted K|_| for 
field 144 in step 164. Finally, the Opener is generated 
by encrypting the above outcome with the access de- 
vice's public key DPK in step 166. 

3. Access to Sealed-COIN 

As mentioned briefly above, FIGS 11 A and 11 B de- 
scribes the controller's logical steps in determining 
whether to grant the information consumer its access 
request. Step 200 checks whether the input is uncon- 
trolled information. An example of uncontrolled informa- 
tion is catalog information for the user to browse. If it is 
uncontrolled information, it is outputted to the output unit 
50 over the clear channel 47. Otherwise, the Controller 
48 asks the information consumer for an Opener in step 
204. The controller uses its own (i.e., the Access De- 
vice's) secret key DSK to decrypt the Opener to extract 
CID and AWs from field 131 and field 142 in step 206. 
From the CID, the controller extracts the LAD from field 
127. The controller checks whether the LAD matches 
with its own (i.e., the Access Device's) identification, and 
verifies whether the current time according to Clock 55 
iswithin one of the AWs found infield 142. If any of these 
checks fails, access to controlled information is denied 
in step 210. 

If the checks in step 208 are successful, the con- 



troller extracts the RID from field 121, and thus the in- 
formation provider's public key PPK in step 212. With 
this key, the controller decrypts the body 145 of the 
Opener to obtain Kh in step 214. Using Kh , the control- 
5 ler then, in step 216, decrypts the header 119 of the 
Sealed-COIN presented earlier by the information con- 
sumer. Then it extracts the value of TAL from field 125 
of the header in step 218. The controller then checks in 
step 220 whether T (denoting the value of TAL-LAL + 1 ) 
is within the range of [1 ,TAL]. In step 222, the access is 
denied if T is not within the range. When T is within the 
range, the controller then checks whether T-th access 
has been made in step 224 in FIG. 11B. It is important 
to note that the T-th access is recorded in the memory 
storage 52 in step 231 . The second and subsequent at- 
tempts for the T-th access will be denied in step 222. If 
the T-th access has not been made, the controller then 
decrypts the body 130 of the Sealed-COIN using Key 
Kj found in the header field 124. The controller sends 
the outcome to the Output Unit 50 via clear channel 47 
in step 226. In the case where LAL is greater than 1 , the 
controller proceeds to step 230. Here, the controller re- 
encrypts the COIN using key Kj+i found in field 124 of 
header 119. Next, the controller decrements the value 
in field 122 of the header 11 9 by one and encrypts the 
new header using key Kh- The header 119 thus be- 
comes modified header 11 9\ The modified header 119' 
and COIN are concatenated to form a new Sealed-COl N 
which is directed to Information Output Channel 29 for 
the information to save. Finally, in step 231 the current 
value of LAL is recorded in the storage 52 for the check 
in step 224 whether the T-th access has been made. 
The process terminates in step 232. 

While the present invention has been described 
particularly with reference to FIGS. 1 to 11B with em- 
phasis on a method for controlling the dissemination of 
digital information in either an off-line or an on-line en- 
vironment, it should be understood that the figures are 
for illustration only and should not be taken as limitations 
on the invention. In addition, it is clear that the methods 
of the present invention have utility in many applications 
where control of dissemination of digital information is 
required. 



1. In a system for controlling the dissemination of in- 
formation by an information provider in an off-line 

50 manner including at least a storage medium and an 
access device at an information consumer's dispos- 
al, said information including both controlled infor- 
mation, or COIN, and uncontrolled information, a 
method for providing enhanced control over the us- 

55 age of controlled information comprising the steps 
of: 

a) encrypting said COIN and a header to pro- 
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duce a Sealed-COIN on said storage medium, 
said lieader comprising at least a total number 
of legal accesseSp number o1 legal accesses 
left, a plurality of encryption/decryption keys, 
and a medium signature for checking and vali- 
dating the authenticity of said storage medium; 

b) decrypting said header of said Sealed-COIN 
and checking the values in said header with a 
controller disposed in said access device upon 
access of said storage medium by an informa- 
tion consumer; said controller disallowing ac- 
cess to information if any of the checks fails; 

c) decrypting said COIN using one of said en- 
cryption/decryption keys and presenting said 
COIN information to an output unit disposed in 
said access device if all the checks in b) made 
by said controller succeed, said header being 
modified to become modified header such that 
said number of accesses left is decremented ; 
and 

d) re-encrypting said COIN and said modified 
header using another of said encrypt iort/de- 
cryption keys after each access request by said 
information consumer until there is no legal ac- 
cess left, 

whereby said information provider exercises control 
of access by setting values for said header in ac- 
cordance to the agreement between the information 
provider and the information consumer, and the in- 
formation consumer transparently accesses con- 
trolled and uncontrolled information. 

2. The method as defined in claim 1 , characterised in 
that said header further comprises a plurality of ac- 
cess windows, the value of each said access win- 
dow being checked by said controller to permit ac- 
cess to said information during a predetermined pe- 
riod of time. 

3. The method as defined in claim 1 or claim 2 char- 
acterised in that said medium signature permits ac- 
cess to said information on said access device only 
if said controller matches the medium signature of 
said storage medium with the medium signature 
read by said access device. 

4. In a system for controlling the dissemination of in- 
formation by an information provider in an on-line 
manner over at least one transmission channel and 
at least one access device at an information con- 
sumer's disposal, said information including both 
controlled information, or COIN, and uncontrolled 
information, a method for providing enhanced con- 
trol over the usage of controlled information com- 
prising the steps of: 

a) encrypting said COIN and a header to pro- 



duce a Sealed-COIN before sending said 
Sealed-COIN to said information consumer, 
said header comprising at least a total number 
of legal accesses, number of legal accesses 

5 left,apluralityofencryption/decryption keys for 

encrypting said information, said header being 
encrypted by an encryption/decryption key Kh 
maintained for the life of a predetermined dis- 
tribution contract; 

10 b) encrypting a Seal Opener upon receiving ac- 

cess request from an information consumer 
and sending said Seal Opener to the informa- 
tion consumer, said Seal Opener comprising at 
least a plurality of access windows and said key 

IS Kh; 

c) decrypting said Seal Opener with a controller 
disposed in said access device, said controller 
checking the access windows in said Sealed 
Opener upon access by the information con- 

20 sumer, said controller disallowing access to 

said information if any of the checks fails; d) de- 
crypting said header of said Sealed-COIN and 
checking the values in said header with a con- 
troller disposed in said access device upon ac- 

2S cess of said information by an information con- 

sumer, said controller disallowing access to in- 
formation if any of the checks fails; 

e) decrypting said COIN using one of said en- 
cryption/decryption keys and presenting said 

30 information therein to an output unit disposed 

in said access device rf all the checks in d) 
made by said controller succeed, said header 
being modified to become modified header 
such that said number of accesses left is dec- 

35 remented; and 

f) re-encrypting said COIN and said modified 
header using another of said encryption/de- 
cryption keys after each access request by said 
information consumer until there is no legal ac- 

40 cess left, 

whereby said information provider exercises control 
of access by setting values for said header in ac- 
cordance to the agreement between the information 
45 provider and the information consumer and the in- 
formation consumer transparently accesses con- 
trolled and uncontrolled information. 

5. The method as defined in any of claims 1 to 4 char- 
ge acterised in that said information comprises digital 

information. 

6. The method as defined in any of claims 1 to 5 char- 
acterised in that said controller permits a predeter- 

55 mined number of accesses to said information upon 
checking the value of said total number of legal ac- 
cesses left. 
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7. The method as defined in any of claims 1 to 6 char- 
acterised in that said header lurther comprises legal 
access device identification information, the value 
of said legal access identification being checked by 
said controller to permit access only on said legal 
access device. 

8. The method as defined in any of claims 4 or 5-7, as 
dependent on claim 4, characterised in that the ac- 
cess windows of said Seal Opener are checked by 
said controller to permit access to said information 
during a predetermined period of time only. 

9. The method as defined in any of claims 1 to 8 char- 
acterised in that said controller is coupled to said 
output unit over tamper-proof links. 



Patentanspruche 

1. Verfahren zur Schaffung einer verbesserten Kon- 
trolle uber den Gebrauch kontrollierter Information 
in einem System zur Steuerung der Verbrertung von 
Information durch einen Informationslieferanten im 
Off line-Bet rieb, unter Einschlufl von zumindest ei- 
nem Speichermedium und einer Zugriffseinrich- 
tung, die einem Informationsverbraucher zur Verfu- 
gung steht, wobei die Information sowohl kontrol- 
lierte Information oder COIN als auch unkontrollier- 
te Information einschliel3t, mil den folgenden Schrit- 
ten: 

a) Verschlussein der COIN und eines Anfangs- 
blockes zur Erzeugung einer gesiegelten COIN 
auf dem Speichermedium, wobei der Anfangs- 
block zumindest eine Gesamtzahl von recht- 
malBigen Zugriffen, eine Anzahl von verblei- 
benden rechtmaBlgen Zugriffen, eine Vielzahl 
von Versch lusselungs-ZEntsch lusselungs- 
Schlusseln und eine Medium-Signaturzur Pru- 
fung und Validierung der Authentizitat des 
Speichermediums umfaQt, 

b) Entschlusselung des Anfangsblockes der 
gesiegelten COI N Pruf en der Werte in dem An- 
fangsblock mil einem Steuergerat, das in der 
Zugriffseinrichtung angeordnet ist, beim Zugriff 
auf das Speichermedium durch einen Informa- 
tionsverbraucher, wobei das Steuergerat den 
Zugriff auf die Information verweigert, wenn ir- 
gendeine der Prufungen fehlschlagt, 

c) Entschlussein der COIN unter Verwendung 
eines der Verschlusselungs-ZEntschlusse- 
lungs-Schlussel und Zufuhrung der COIN-ln- 
formation zu einer Ausgabeeinheit, die in der 
Zugriffseinrichtung angeordnet ist, wenn alle 
von dem Steuergerat in b) durchgef uhrten Pru- 
fungen erfolgreich sind, wobei der Anfangs- 
block modifiziert wird, um zu einem modifizier- 



ten Anf angsblock derart zu werden, dal3 die An- 
zahl der verbleibenden Zugrrffe abwarts ge- 
zahlt wird, und 

d) Neuverschlussein der COIN und des modi- 
5 fizierten Anfangsblockes unter Verwendung ei- 

nes anderen der Verschlusselungs-ZEntschlus- 
selungs-Schlussel nach jeder Zugriffsanforde- 
rung von dem Informationsverbraucher, bis 
kein rechtmaf3iger Zugriff verblieben ist, 

10 

wodurch der Informationslieferant eine Kontrolle 
des Zu griffs durch Pests etzen von Wert en fur den 
Anfangsblock entsprechend der Vereinbarung zwi- 
schen dem Informationslieferanten und dem Infor- 
15 mationsverbraucher ausubt und der Informations- 
verbraucher in transparenter Weise einen Zugriff 
auf kontrollierle und unkontrollierle Information 
ausfuhrt. 

20 2. Verfahren nach Anspruch 1 , dadurch gekennzeich- 
net, daf3 der Anfangsblock weiterhin eine Vielzahl 
von Zugriffsfen stern umfaBt, wobei der Wert jedes 
dieser Zugriff sfenster von dem Steuergerat gepruft 
wird, um den Zugriff auf die Information wahrend 

25 einer vorgegebenen Zeitperiode zuzulassen. 

3. Verfahren nach Anspruch 1 oder 2, dadurch ge- 
kennzeichnet, dal3 die Medium-Signatur den Zugriff 
auf die Information auf der Zugriffseinrichtung ledig- 
30 lich dann ermoglicht, wenn das Steuergerat eine 
Ubereinstimmung der Medium-Signatur des Spei- 
chermediums mit der Medium-Signatur ergibt, die 
von der Zugriffseinrichtung gelesen wird. 

35 4. Verfahren zur Schaffung einer verbesserten Kon- 
trolle uber den Gebrauch kontrollierter Information 
in einem System zur Steuerung der Verbreitung von 
Information durch einen Informationslieferanten in 
einer Online-Weise uber zumindest einen Ubertra- 
gungskanal und zumindest eine Zugriffseinrich- 
tung, die einem Informationsverbraucher zur Verfu- 
gung steht, wobei die Information sowohl kontrol- 
lierte Information oder COIN als auch unkontrollier- 
te Information einschlieOt, mit den folgenden Schrit- 

4S ten: 

a) Verschlusselung der COIN und eines An- 
fangsblockes zur Erzeugung einer gesiegelten 
COIN, bevordie gesiegelte COIN an den Infor- 
50 mationsverbraucher gesandt wird, wobei der 

Anfangsblock zumindest eine Gesamtzahl von 
rechtmaBigen Zugriffen, eine Anzahl von ver- 
bleibenden rechtmafJigen Zugriffen, eine Viel- 
zahl von Verschlusselungs-/ Entsch lesse- 
es lungs-SchlusseIn zur Verschlusselung der In- 
formation umfafJt, wobei der Anfangsblock mit 
einem Verschlusselungs-ZEntschlusselungs- 
Schlussel K|-| verschlusseit ist, der fur die Lauf- 
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zeit eines vorgegGbenen Verteilungsvertrages 
aulrechterhalten wird, 

b) VerschlUGseIn einer Versiegelungsfreigabe 
bei Empfang einer Zugriffsanforderung von ei- 
nem Inlormationsverbraucher und Senden der 5 
Versiegelungslreigabe an den Inlormationsver- 
brauchen wobei die Versiegelungsfreigabe zu- 
mindest eine Vielzahl von Zugrrffslen stern und 
den Schlussel Kh umffaBt, 

c) Entschlussein der Versiegelungsfreigabe nnit 
einem in der Zugriffseinriclitung angeordneten 
Steuergeratp wobei das Steuergerat das Zu- 
griffslenster in der Versiegelungslreigabe bei 
Zugriff durch den Infornnationsverbraucher 
pruft und das Steuergerat einen Zugriff auf die 
Information verweigert, wenn eine der Prufun- 
gen fehlscfilagt, 

d) Enschlussein des Anfangsblockes der ge- 
siegelten COIN und Prufen der Werte in dem 
Anfangsblock mit einem in der Zugriffseinrich- 
tung angeordneten Steuergerat bei Zugriff auf 
die Information durch einen Informationsver- 
brauchien wobei das Steuergerat den Zugriff 
auf die Information verweigert, wenn eine der 
Prufungen fehlschlagt, 

e) Entschlussein der COIN unter Venwendung 
eines der VerschlusGelungs-ZEntschlusse- 
lungs-Schlussel und Lief erung der darin enthal- 
tenen Information an eine Ausgabeeinheit, die 

in der Zugriffseinrichtung angeordnet ist, wenn 3o 
alle die von dem Steuergerat in d) gemachiten 
Prufungen erfolgreich sind, wobei der Anfangs- 
block modifiziert wird, um zu einem modifizier- 
ten Anf angsblock derart zu werden , daO die An- 
zahl der verbleibenden Zugriffe abwarts ge- 
zahit wird. 

f) erneutes Versch I Ossein der COIN und des 
modrfizierten Anfangsblockes unter Verwen- 
dung eines anderen der Verschlusselungs-/ 
Entschlusselungs-Schlussel nach jeder Zu- 
griffsanford erung von dem Infomnationsver- 
braucfien bis kein rechtmafJiger Zugriff verblie- 
ben ist, 

wodurch der Informationslieferant eine Kontrol- 
le des Zugriffs dadurch ausubt, daB Werte fur ^5 
den Anfangsblock entsprechend der Vereinba- 
rung zwischen dem Infoimationslieferanten 
und dem Informationsverbraucher gesetzt wer- 
den und der Informationsverbraucher in trans- 
parenter Weise einen Zugriff auf kontrollierte 50 
und un kontrollierte Information ausfuhrt. 

5. Verfahren nach einem der Anspruche 1 bis 4, da- 
durch gekennzeichnet, daB die Information digitale 
Information umffaBt. 55 

6. Verfahren nach einem der Anspruche 1 bis 5, da- 
durch gekennzeichnet, dal3 das Steuergerat eine 
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vorgegebene Anzahl von Zugriffen auf die Informa- 
tion nach der Prufung des Wertes der Gesamtzahl 
der verbleibenden rechtmafBigen Zugriffe ermog- 
licht. 

7. Verfahren nach einem der Anspruche 1 bis 6, da- 
durch gekennzeichnet, daf3 der Anfangsblock wei- 
terhin I dentifikat ions information fur eine rechtmaBi- 
ge Zugriffseinrichtung umfaBt, wobei der Wert der 
rechtmaBigen Zugriffs information von dem Steuer- 
gerat gepruft wird, um einen Zugriff lediglich auf die 
rechtmaBige Zugriffseinrichtung zu ermoglichen. 

8. Verfahren nach einem der Anspruche 4 Oder 5 bis 
7 unter Ruckbeziehung auf Anspruch 4, dadurch 
gekennzeichn et, da3 die Zugrrffsfenster der Versie- 
gelungsfreigabe durch das Steuergerat gepruft 
werden, um den Zugriff auf die Information nurwah- 
rend einer vorgegebenen Zeitperiode zuzulassen. 

9. Verfahren nach einem der Anspruche 1 bis 8, da- 
durch gekennzeichnet, daB das Steuergerat mit der 
Ausgabeeinheit uber manipulierungssichere Ver- 
bindungen gekoppelt ist. 



Revendications 

1 . Dans un systeme pour controle r la propagation d' in- 
formations via un fournisseur d'informations d'une 
mani^re en diff^r^, englobant au moins un support 
de memoire et un dispositif d'acces a la disposition 
de rutilisateur des informations, lesdites informa- 
tions englobant a la fois des informations controlees 
ou de type COIN et des informations non contrS- 
lees, un procede pour ameliorer le controle de I'uti- 
li sat ion des informations controlees, comprenant 
les stapes consistant 

a) chiffrer lesdites informations de type COIN 
et une en-tete pour obtenir des informations 
prot6g6es de type COIN sur ledrt support de 
m6moire, ladite en-t§te comprenant au moins 
un nombre total d'acces legaux, le nombre 
d'accfes I6gaux restants, plusieurs cl6s de chif- 
frement/dechiffrement, et une signature de 
support pour verifier et valider I'authenticit^ du- 
dit support de memoire; 

b) dechiffrer ladite en-tete desdites informa- 
tions prot6g6es de type COIN et verifier les va- 
leursdans ladite en-tete avec un contrdleur dis- 
pose dans ledrt dispositif d'accds lors de I'accds 
audit support de memoire par un utilisateur des 
informations; ledit contrSleur refusant I'acc^s 
aux informations dans le cas ou I'une quelcon- 
que des verifications echoue; 

c) d6chiffrer lesdites informations de type COIN 
en utilisant une desdites cles de chiffrement/ 
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22 



chrffremeni mainlenue pendant la duree d'un 
contrat de distribution pr6d6ternnin6; 

b) chiffrer un decodeur lors de 1^ reception 
d'une demands d'acc^s de la part d'un utilisa- 

5 teurdesinfornnationGete n voy e rieditdecodeur 

h I'utilisateur des informations, ledit d6codeur 
comprenant au moins plusieurs fendtres d'ac- 
ces et ladite cle K^; 

c) d6chiffrer ledit d6codeur avec un contr6leur 
10 dispose dans le dispositrf d'acces, ledit contro- 

leur v^rrfiant les fenStres d'accds dans ledit de- 
codeur lors de I'acces via I'utilisateur d'informa- 
tionSp ledit controleur retusant I'acces auxdites 
informations dans le cas ou I'une quelconque 
15 des verifications echoue; 

d) d6chiffrer ladite en-t§te desdites informa- 
tions protegees de type COIN et verifier les va- 
leursdans ladite en-t§te avec uncontraieur dis- 
pose dans ledit dispositif d'accds lors de I'accds 

20 auxdrtes informations par un utilisateur des in- 

formations; ledit contr6leur refusant i'acces aux 
informations dans le cas ou I'une quelconque 
des verifications echoue; 

e) dechiffrer lesdites informations de type COIN 
25 en utilisant une desdites cles de chiffrement/ 

d6chrffrement et presenter lesdites informa- 
tions de type COI N a une unite de sortie dispo- 
see dans ledit dispositif d'acces lorsque toutes 
les verifications dans d) mises en oeuvre par 
30 ledit contraieur sont couronn6es de succds, la- 

dite en-t§te 6tant modrfi6e pourdevenir une en- 
tete modif iee dans I e sens ou ledit nombre d'ac- 
ces restants est d6crement6; et 

f) rechiffrer lesdites informations de type COIN 
35 et ladite en-t§te modrfi6e en utilisant une autre 

cle de chiff rement/dechiff rement apres chaque 
demande d'acces emanant dudit utilisateur 
d'informations jusqu'^ epuisement des accds 
legaux, 

40 

par lequel ledit foumisseur d'informations exerce un 
contrdle de raccds en attribuant des valeurs ^ La- 
dite en-tete en fonction d'une concertation entre le 
fournisseur d'informations et I'utilisateur des infor- 
ms mations, Tutiiisateur des informations acc6dant de 
maniere transparente aux informations controlees 
et non contrai6es. 



dechiffrement et presenter lesdites informa- 
tions de type COIN ^ une unite de sortie dispo- 
see dans ledit dispositif d'acces lorsque toutes 
les verifications dans b) mises en oeuvre par 
ledit controleur sont couronnees de succes, la- 
dite en-tete etant modif lee pour deveni rune en- 
t§te modifiee dans le sens ou ledit nombre d'ac- 
ces restants est decremente; et 
d) rechiffrer lesdites informations detype COIN 
et ladite en-tete modif iee en utilisant une autre 
cie de chi iff rement/dechiff rement aprds chiaque 
demande d'acces emanant dudit utilisateur 
d'informations jusqu'a epuisement des acces 
legaux, 

par lequel ledit fournisseur d'informations exer- 
ce un contr6le de I'accfes en attribuant des va- 
leurs a ladite en-tete en fonction d'une concer- 
tation entre le fournisseur d'informations et I'uti- 
lisateurdes informations, I'utilisateur des infor- 
mations accedant de maniere transparente aux 
informations contr6iees et non contr6iees. 

2. Procede selon la revendication 1 , caracterise en ce 
que ladite en-tete comprend en outre plusieurs f e- 
netres d'acces, la valeur de chacune desdites f ene- 
tres d'acces etant v6rifiee par ledit contraieur pour 
permettre I'acces auxdites informations pendant un 
laps de temps predetermine. 

3. Proced6 tel que defini ^ la revendication 1 ou 2, ca- 
ract6rise en ce que ladite signature de support per- 
met d'acceder auxdites informations sur ledit dispo- 
sitif d'acces uniquement lorsque ledit contraieur 
etablit une cor res pon dance entre la signature de 
support dudit support de memoire et la signature de 
support lue par ledrt dispositif d'acces. 

4. Dans systfeme pour contraier la propagation d'infor- 
mations via un fournisseur conformations d'une ma- 
niere en iigne sur au moins un canal de transmis- 
sion et au moins un dispositif d'acces a la disposi- 
tion d'un utilisateur des informations, lesdites infor- 
mations englobant k la fois des informations con- 
trolees ou de type COIN et des informations non 
contraiees, un precede pour ameiiorer le contraie 
de I'utilisation des informations controlees, compre- 
nant les etapes consistant ^: 

a) chiffrer lesdites informations de type COIN 
et une en-tete pour obtenir des informations 
protegees de type COIN avant d'envoyer lesdi- 
tes informations protegees de type COIN audit 
utilisateur des informations, ladite en-tete com- 
prenant au moins un nombre total d'accfes 16- 
gaux, un nombre d'acces legaux restants, plu- 
sieurs cles de chiff rement/dechiff rement pour 
chiffrer lesdites informations, ladite en-t5te 
etant chiffree via une cle Kh de chiffrement/de- 



5. Procede tel que defini dans I'une quelconque des 
50 revendications 1 ^ 4, caracteris§ en ce que lesdites 

informations comprennent des informations nume- 
riques. 

6. Proced6 selon I'une quelconque des revendications 
55 1^5, caracterise en ce que ledit contraieur permet 

un nombre predetermine d'acces auxdites informa- 
tions apres verification de la valeur dudit nombre 
total d'acces legaux restants. 



12 
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7. Precede salon Tune quelconque des revendicalions 
1 ^ 6, caract6ris6 en ce que ladrte en-t§te comprend 
en outre des inlormations d' identification du dispo- 
sitif d'accfes l^gal, la valeur desdites identifications 

de I'accGS legal etant verifiee par ledit controleur 5 
pour permettre I'accds uniquement audit dispositrf 
d'acc^s l^gal. 

8. Proc6d6 selon I'une quelconque des revendications 
4 ou 5-7 lorsqu'elles dependent de la revendication 
4, caract6ris6 en ce que les fen§tres d'acc^s dud it 
decode ur sont verifiees par ledit controleur pour 
pernnettre I'acces auxdites infornnations unique- 
ment au cours d'un laps de temps pr6d6termin6. 

IS 

9. Proc6d6 tel que d^fini dans I'une quelconque des 
revendications 1 a &, caracterise en ce que ledit 
contr6leur est couple ^ ladrte unit6 de sortie via des 
liaisons inviolables. 

20 
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